Interprets security and assurance policies and contributes to development of policies, standards and guidelines that comply with these, to enable effective assessment of risks to information availability, integrity, authentication and confidentiality.